15 matches found
EUVD-2025-28999
Malicious code in bioql PyPI...
CVE-2025-10278
A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Impacted is an unknown function of the file /crm/contact/transfer. This manipulation of the argument ids/newOwnerUserId causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and...
CVE-2025-10276
A security vulnerability has been detected in YunaiV ruoyi-vue-pro up to 2025.09. This vulnerability affects unknown code of the file /crm/contract/transfer. The manipulation of the argument id/newOwnerUserId leads to improper authorization. Remote exploitation of the attack is possible. The...
CVE-2025-10278
A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Impacted is an unknown function of the file /crm/contact/transfer. This manipulation of the argument ids/newOwnerUserId causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and...
CVE-2025-10278
YunaiV ruoyi-vue-pro (versions up to 2025.09) contains an improper authorization flaw in the /crm/contact/transfer endpoint, caused by manipulation of the ids/newOwnerUserId argument. The issue is exploitable remotely and an exploit has been published. Multiple sources confirm the root cause is i...
CVE-2025-10275
A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched remotely. The exploit has been made availab...
CVE-2025-10275
A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched remotely. The exploit has been made availab...
CVE-2025-10275 YunaiV yudao-cloud transfer improper authorization
A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched remotely. The exploit has been made availab...
CVE-2025-10275 YunaiV yudao-cloud transfer improper authorization
A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched remotely. The exploit has been made availab...
CVE-2025-10275
CVE-2025-10275 concerns YunaiV yudao-cloud up to 2025.09. Affects an unknown part of the file /crm/business/transfer. Root cause: manipulation of the argument ids/newOwnerUserId can lead to improper authorization, exploitable via remote access. Descriptions across sources confirm the vulnerabilit...
yudao-cloud 安全漏洞
yudao-cloud is a backend management system for YunaiV individual developers. A security vulnerability exists in yudao-cloud version 2025.09 and earlier, which stems from incorrect manipulation of the parameter ids/newOwnerUserId in the file /crm/business/transfer, which could lead to improper...
ruoyi-vue-pro 授权问题漏洞
ruoyi-vue-pro is China's Taro Road source code zhijiantianya open source an optimized refactoring of efficient backend management system framework for the development of enterprise backend , SaaS platforms , WeChat small program backend and so on. ruoyi-vue-pro 2025.09 and previous versions of th...
ruoyi-vue-pro 授权问题漏洞
ruoyi-vue-pro is China's Taro Road source code zhijiantianya open source an optimized refactoring of the efficient backend management system framework for the development of enterprise backend , SaaS platforms , WeChat small program backend and so on. ruoyi-vue-pro 2025.09 and previous versions o...
PT-2025-37271
Name of the Vulnerable Software and Affected Versions: YunaiV yudao-cloud versions prior to 2025.09 Description: A weakness exists in YunaiV yudao-cloud that may lead to improper authorization. The issue affects an unknown part of the file /crm/business/transfer. Manipulation of the argument...
PT-2025-37280
Name of the Vulnerable Software and Affected Versions: YunaiV ruoyi-vue-pro versions prior to 2025.09 Description: A flaw exists in YunaiV ruoyi-vue-pro that allows for improper authorization. The issue is related to the manipulation of the ids/newOwnerUserId argument within an unknown function o...